Organisations today are embarking on their own distinct journeys of digital transformation as advances in new technologies like 5G and AI change the face of business. There is a common misconception that security hinders innovation, and limits the rate at which organisations can transform. The reality is that failing to factor in security at the outset of a digital transformation journey increases risk from outside threats. Periods of digital transformation should be seen as an opportunity to strengthen security in parallel with transforming your business.
Data breaches are a concern for the general public and businesses alike. Only recently, the UK’s National Health Service (NHS) was the target of a sophisticated ransomware attack that ground emergency services at some hospitals to a crawl and genuinely endangered lives as a result.
Hacks can also be reputationally and financially damaging to a business, as it was for Yahoo. When details emerged in 2016 about a 2013 data breach that affected one billion accounts, the company faced harsh criticism for not disclosing the event sooner, and had a considerable financial impact when Verizon announced that the breach would have a ‘material’ effect on their acquisition deal.
In addition, the regulatory implications of large-scale attacks are mounting. Under the European General Data Protection Regulation (GDPR) for example, which will come into full effect in 2018, organisations may be fined up to 4% of global turnover or €20 million (whichever is greater) following a breach if the regulators decide that the organisation did not take the necessary precautions to protect the data.
All of this considered, it’s clear that the landscape of digital threats has seen considerable advancement in recent years but organisations are failing to adapt. Many organisations are using outdated methods of protection that focus too heavily on blocking and prevention mechanisms. These methods are decreasingly effective against the advanced threats from today’s motivated, advanced hackers. There is no such thing as an unsinkable ship, and there is no such thing as impenetrable prevention against attackers.
So how can organisations adapt?
The first step is to accept that at some point, the hackers will breach your preventative security layer. The second is to invest in an adaptive security method that is able to keep up with increasingly sophisticated attacks.
Adaptive security means putting preventative and responsive security processes in place at every step in your system that a threat could break through. Organisations should shift their mind-set from ‘incident response’ to ‘continuous response’. Typically, there are four stages in an adaptive security life cycle: preventative, detective, retrospective and predictive. For organisations to protect themselves, they need to get the right mix.
Preventive security is the first layer of defence. This includes things like firewalls, which are designed to raise the bar against attackers, blocking them and their attack before they affect the business. Most organisations have this in place already, but there is definitely a need for a mind-set change. Rather than seeing preventative security as a way to block attackers completely from getting in, organisations should see it as a barrier that makes it more difficult for an attacker to get through – giving the organisation more time to detect and disable an attack in process.
Detective security detects the attacks within the system that have already breached your walls. The goal of this layer is to reduce the time that attackers spends within the system, limiting the subsequent damage. This layer is critical, as the organisation has already established that attackers will, at some point, encounter a gap in their defences.
Retrospective security is an intelligent layer that turns past attacks into future protection – similar to how a vaccine protects you against diseases. By analysing the vulnerabilities exposed in a previous breach and using forensic analysis and root cause analysis, it recommends new preventative measures for any similar incidents in the future
Predictive security plugs into the external network of threats, periodically monitoring external hacker underground to proactively anticipate new attack types. This is fed back to the preventative layer, putting new protections in place against evolving threats as they’re discovered.
These are the four ingredients you need to secure your business during your digital transformation journey, and they need to be baked in together in order to protect you to their full potential. All elements improve security individually, but together, these four distinct security mechanisms form a comprehensive, constant protection for organisations at every stage in the life cycle of a security threat.
Read Srini’s recent post Petya and WannaCry: a new security environment